System, apparatus and method for mixed mode communication on a single network

ABSTRACT

Provided is a system, apparatus, and method for evaluating a variety of protocols on a computer network which includes a plurality of network devices. The network devices are adapted to communicate messages on the computer network using their respective protocols. The present invention system, apparatus and method are associated with one of the network devices. The present invention system, apparatus and method are further adapted to identify the various protocols on the network and analyze each message on the network to determine the protocol associated with the message. In another aspect of the present invention, the system and apparatus are adapted to determine whether to communicate a message to the associated network device based on this identification and analysis the message. The present invention embodiments allow for mixed mode communication on a single network.

CROSS-REFERENCE TO RELATED APPLICATIONS

None.

BACKGROUND OF THE INVENTION

The present invention relates to a system, apparatus and method forevaluating a variety of protocols on a computer network which includes aplurality of network devices. The network devices are adapted tocommunicate messages on the computer network using their respectiveprotocols. The present invention system, apparatus and method areassociated with one of the network devices. The present inventionsystem, apparatus and method are further adapted to identify the variousprotocols on the network and analyze each message on the network todetermine the protocol associated with the message. Such an arrangementallows for a mixed mode communication on a single network.

The present invention system, apparatus and method may be used with adevice associated with any type of computer network. Suitable computernetworks may include local area networks (LANs), wide area networks(WANs), or any other computer networks which include a plurality ofnetwork devices which send messages therebetween using variousprotocols.

An example of a computer network is a Supervisory Control and DataAcquisition (SCADA) system. A SCADA system is typically a large-scale,distributed measurement and control computer network which includes aplurality of network devices which communicate using various protocols.The network devices of a typical SCADA system generally comprise a SCADAserver for monitoring, controlling or automating one or more remotelyconnected Intelligent Electronic Devices (IEDs).

In one application, a SCADA system may be used in the monitoring,controlling and/or automation of an electric power system. Accordingly,a SCADA server may be used to monitor, control and/or automate IEDs suchas electric power system protective devices, protective relays, remoteterminal units (RTUs), power line communication devices, baycontrollers, meters, and any other comparable devices. For example, aSCADA server may be adapted to control an IED to isolate some powersystem element(s) from the remainder of the power system upon detectionof an abnormal condition or a fault in, or related to, the power systemelement(s).

In a typical SCADA system, the network devices associated therewith usevarious protocols which are often governed by protocol standards (e.g.,MODBUS or DNP). Protocol standards govern how data is to be organized ina message such that the network devices are able communicate with oneanother. Because of these standards and for sake of ease, it hastraditionally been preferable for SCADA systems to be configured suchthat all network devices communicate using the same protocol. For simpleapplications, the configuration of such systems is relatively easy asthe SCADA server is merely required to communicate with one type of IEDto perform a particular function.

In contrast, for complex applications such as networking of devices foran electric power system, it is preferable to configure a SCADA serverfor communication with many types of IEDs for the complete automation,controlling and/or monitoring of the system. These different IEDs in aSCADA system for an electrical power system are often multi-functionaland, therefore, generally communicate using many different protocols. Intraditional arrangements, the SCADA system is configured such that eachprotocol is transferred using separate communications lines, therebyforming multiple computer networks. This arrangement is particularlycumbersome and requires time- and labor-intensive configuration of theSCADA server and/or IEDs during installation. Therefore, it is an objectof the present invention to provide a system and method for providingmixed-mode communication on a single network.

In another application, it is often preferable for the computer networkto be encrypted for security purposes. However, it is often desirable toencrypt messages associated with some network devices and not others.Therefore, in such networks, it is often desirable to couple networkdevices using encrypted communication together, creating an encryptednetwork. Likewise, it is often desirable to couple network devices usingnon-encrypted communication together, creating a non-encrypted network.This arrangement is also particularly cumbersome and requires time andlabor intensive configuration of the devices during installation.

Accordingly, it is an object of this invention to provide a system andapparatus that evaluates a variety of protocols on a computer networkwhich comprises a plurality of devices that communicate using variousprotocols. It is further an object of the present invention to provide asystem and apparatus which identifies the various protocols on thenetwork and analyzes each message on the network to determine theprotocol associated with the message. This arrangement allows allnetwork devices, although adapted to communicate using differentprotocols, to reside on a single network or even on a singlecommunications line. Such an arrangement allows for a mixed-modecommunication on a single network or a single communications line.

These and other desired benefits of the preferred embodiments, includingcombinations of features thereof, of the invention will become apparentfrom the following description. It will be understood, however, that aprocess or arrangement could still appropriate the claimed inventionwithout accomplishing each and every one of these desired benefits,including those gleaned from the following description. The appendedclaims, not these desired benefits, define the subject matter of theinvention. Any and all benefits are derived from the multipleembodiments of the invention, not necessarily the invention in general.

SUMMARY OF THE INVENTION

In accordance with the invention provided is a system, apparatus andmethod for evaluating a variety of protocols on a computer network whichincludes a plurality of network devices. The network devices are adaptedto communicate messages on the computer network using their respectiveprotocols. The present invention system, apparatus and method areassociated with one of the network devices. The present inventionsystem, apparatus and method are further adapted to identify the variousprotocols on the network and analyze each message on the network todetermine the protocol associated with the message. Such an arrangementallows for a mixed mode communication on a single network.

In one embodiment, provided is a system for evaluating a message on asingle network. The network includes a plurality of network devicescommunicating messages using various different protocols, wherein aportion of each message includes a specific sequence. The systemgenerally comprises a protocol evaluation apparatus which includes afirst protocol identifier module associated with a specific messagingprotocol and a second protocol identifier module associated with anotherspecific messaging protocol. The first protocol identifier module isadapted to evaluate a sequence of a portion of a message on the network.If the sequence of the portion of the message on the network is not inaccordance with the specific messaging protocol of the first protocolidentifier module, the second protocol identifier module evaluates theportion of the message. The present invention system further includes anetwork device coupled to the apparatus. The protocol evaluationapparatus is adapted to transmit the message to the network device ifthe sequence of a portion of the message is in accordance with thespecific messaging protocol associated with either the first or secondprotocol identifier module.

In another embodiment, an apparatus for evaluating a message on a singlenetwork is provided. The network in this embodiment also includes aplurality of devices communicating messages using various differentprotocols, wherein a portion of each message includes a specificsequence. The present invention apparatus is associated with one of thenetwork devices and generally includes a plurality of protocolidentifier modules. One of the protocol identifier modules is associatedwith a specific messaging protocol and is adapted to evaluate a sequenceof a portion of a message on the network. A second protocol identifiermodule is associated with another specific messaging protocol. If thesequence of the portion of the message on the network is not inaccordance with the specific messaging protocol of the first protocolidentifier module, the second protocol identifier module evaluates theportion of the message.

In yet another embodiment, a method for evaluating a message on a singlenetwork is provided. This network also includes a plurality of devicescommunicating messages using various different protocols, wherein aportion of each message includes a specific sequence. The methodgenerally includes the steps of evaluating a sequence of a portion of amessage on the network to determine whether the portion of the messageis in accordance with a sequence of a specific messaging protocol. Ifthe sequence of the portion of the message on the network is not inaccordance with the specific messaging protocol, the portion of themessage is evaluated to determine whether the portion of the message isassociated with a sequence of another specific messaging protocol.

It should be understood that the present invention includes a number ofdifferent aspects or features which may have utility alone and/or incombination with other aspects or features. Accordingly, this summary isnot exhaustive identification of each such aspect or feature that is nowor may hereafter be claimed, but represents an overview of certainaspects of the present invention to assist in understanding the moredetailed description that follows. The scope of the invention is notlimited to the specific embodiments described below, but is set forth inthe claims now or hereafter filed.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a single line schematic diagram of an embodiment of thepresent invention system for providing a mixed mode communication on asingle network.

FIG. 2 is a functional block diagram of a protocol evaluation apparatusof FIG. 1 according to an embodiment of the present invention system.

FIG. 3 is a flow chart illustrating the process for evaluating amessaging protocol according to an embodiment of the present invention.

FIG. 4 is a block diagram illustrating the sequence of a HAYES messagingprotocol.

FIG. 5 is a block diagram illustrating the sequence of an SMI messagingprotocol.

FIG. 6 is a block diagram illustrating the sequence of a DNP messagingprotocol.

FIG. 7 is a functional block diagram of a protocol evaluation apparatusfor evaluating a DNP messaging protocol according to an embodiment ofthe present invention system.

FIG. 8 is a block diagram illustrating the sequence of an AGA messagingprotocol.

FIG. 9 is a block diagram illustrating the sequence of an SEL messagingprotocol.

FIG. 10 is a functional block diagram of a protocol evaluation apparatusfor evaluating HAYES or SMI; DNP; AGA; SEL; DDF; and UPP messagingprotocols.

DETAILED DESCRIPTION OF THE INVENTION

The present invention relates to a system and apparatus for evaluating avariety of protocols on a computer network which includes a plurality ofnetwork devices. The network devices are adapted to communicate messageson the computer network using their respective protocols. The presentinvention system, apparatus and method are associated with one of thenetwork devices. The present invention system, apparatus and method arefurther adapted to identify the various protocols on the network andanalyze each message on the network to determine the protocol associatedwith the message. Such an arrangement allows for a mixed-modecommunication on a single network.

Although various embodiments herein describe a system and apparatusassociated with a network device in a SCADA system, it is contemplatedthat the present invention system, apparatus and method may be used witha device associated with any type of computer network. Suitable computernetworks may include local area networks (LANs), wide area networks(WANs) or any other computer networks which include a plurality ofnetwork devices which send messages therebetween using variousprotocols.

FIG. 1 is a block diagram of a SCADA system 2 in accordance with anaspect of the present invention including a system and device forevaluating a variety of protocols on the network 4. Such an arrangementallows for a mixed mode communication on a single network. The SCADAsystem 2 generally comprises a plurality of network devices. The networkdevices as shown in FIG. 1 include a SCADA server 6 for monitoring,controlling or automating remotely connected IEDs 8 a, 8 b . . . 8 n.SCADA server 6 is adapted to communicate messages using variousprotocols to IEDs 8 a, 8 b . . . 8 n.

In one embodiment, SCADA system 2 may be used in the monitoring,controlling and/or automation of an electric power system. Accordingly,IEDs 8 a, 8 b . . . 8 n may be any one of the following: electric powersystem protective device, protective relay, remote terminal unit (RTU),power line communication device, bay controller, meter, or any othercomparable device. As such, in this application, SCADA server 6 may beused to monitor, control and/or automate any one of the IEDs 8 a, 8 b .. . 8 n to affect a power system element. For example, SCADA server 6may be used to control any one of IEDs 8 a, 8 b or 8 n to isolate somepower system element(s) from the remainder of the power system upondetection of an abnormal condition or a fault in, or related to, thepower system element(s).

This present invention SCADA system 2 is generally different from atraditional SCADA system in that it additionally includes protocolevaluation apparatuses 10 a, 10 b . . . 10 n, which are generallyadapted to identify the various protocols on the network 4 and analyzeeach message on the network 4 to determine the protocol associated withthe message. Although they are shown as being separate and apart fromthe associated IEDs, protocol evaluation apparatuses 10 a, 10 b . . . 10n may also be implemented within or as a part of each respective IED. Aprotocol evaluation apparatus (not shown) may also be associated with,or part of SCADA server 6 for evaluation of messaging protocol beingcommunicated thereto. The protocol evaluation apparatus allows for amixed-mode communication on the single network.

FIG. 2 is a functional block diagram of any one of the protocolevaluation apparatuses 10 a, 10 b . . . 10 n of FIG. 1. FIG. 3 is a flowchart illustrating the protocol evaluation process. Referring to bothFIGS. 2 and 3 concurrently, various protocol messages are beingcommunicated to an associated IED. The protocol evaluation apparatus 10associated with the IED generally evaluates a selected portion of amessage on the network. In one embodiment, each message may besub-divided into select portions and stored in an optional data buffer20. In one embodiment, each message may be sub-divided into frames,wherein the protocol evaluation apparatus 10 is adapted to evaluate themessage on a frame-by frame basis or otherwise adapted to evaluateselect frames of the message. In another embodiment, each message may besub-divided into to octets of data, wherein the protocol evaluationapparatus 10 is adapted to evaluate the octets of data or select octetsof data. Optional data buffer 20 may be adapted to store a selectedamount of data. For example, the data buffer 20 may be adapted to storea select number of frames or select number of octets of data. Otherstorage means may be used instead of data buffer 20.

Referring back to FIGS. 1 and 2, protocol evaluation apparatus 10generally includes protocol identifier modules 22 a, 22 b . . . 22 n.The data stored in the data buffer 20 is generally accessible to each ofprotocol identifier modules 22 a, 22 b . . . 22 n. Protocol identifiermodules 22 a, 22 b . . . 22 n generally identify the protocol of thedata associated with the message.

More specifically, in one embodiment, the first protocol identifiermodule 22 a may be used to identify whether the message is in accordancewith a first selected protocol message (e.g., a DNP protocol). A secondprotocol identifier 22 b may be used to identify whether the message isin accordance with a second selected protocol message (e.g., MODBUSprotocol). An ‘N’th protocol identifier 22 n may be used to identifywhether the message is in accordance with ‘N’th protocol message (e.g.,a manufacturer specific protocol). For these embodiments, the messagingprotocol may be in accordance with a specific protocol, a protocolstandard, an encryption method, a timing element or any combinationthereof.

In one example, in the identification process, the first protocolidentifier module 22 a may evaluate a select portion of a particularmessage. If the portion is in accordance with the first selectedprotocol, but does not contain enough information to uniquely identifythe protocol, the first protocol identifier module 22 a is configured toassert a “like”. The first protocol identifier module 22 a thenevaluates other select portions of the message. If the select portionsare in accordance with the first selected protocol, the first protocolidentifier module 22 a is configured to continue to assert “like” forthose select portions. Once enough portions of the message are receivedto identify the protocol of the message, the first protocol identifierwill assert “claim”. At this point, the protocol of the message isidentified.

If any of the portions of the message are not in accordance with thefirst selected protocol, the first protocol identifier module 22 aasserts a “dislike”. In this case, first protocol identifier module 22 ais adapted to signal the second protocol identifier module 22 b toevaluate the message. In this manner, the second protocol identifiermodule 22 b begins a process similar to that of first protocolidentifier module 22 a.

More specifically, if the select portion of the message (which hasalready been evaluated by the first protocol identifier 22 a) is inaccordance with the second selected protocol, the second protocolidentifier module 22 b is configured to assert a “like”. If the portionis in accordance with the second selected protocol, but does not containenough information to uniquely identify the protocol, the secondprotocol identifier module 22 b is configured to assert a “like”. Thesecond protocol identifier module 22 b then evaluates other selectportions of the message. If the select portions are in accordance withthe second selected protocol, the second protocol identifier module 22 bis configured to continue to assert “like” for those select portions.Once enough portions of the message are received to identify theprotocol of the message, the second protocol identifier will assert“claim”. At this point, the protocol of the message is identified.

If any of the portions of the message are not in accordance with thesecond selected protocol, the second protocol identifier module 22 basserts a “dislike”. In this case, second protocol identifier module 22b is adapted to signal the next protocol identifier module to evaluatethe message. In this manner, the next protocol identifier module beginsa process similar to that of first and second protocol identifiermodules 22 a, 22 b.

In one embodiment, the protocol identifier modules 22 a, 22 b . . . 22 nmay be arranged in the order of protocol identification priority. Forexample, the first protocol identifier module 22 a may be associatedwith the messaging protocol having the highest priority, whereas the ‘N’th protocol identifier module may be associated with the messagingprotocol having the lowest priority.

In yet another embodiment, it is preferable that the protocol identifiermodules 22 a, 22 b . . . 22 n be arranged in order of complexity. Inthis arrangement, the first protocol identifier modules are associatedwith more complex protocols, whereas the latter protocol identifiermodules are associated with simpler protocols. More specifically, someprotocols include the same data portions as other protocols. In many ofthese instances, the beginning data portions of the more complexprotocols are the same or similar to simpler protocols.

For example, a DNP message frame begins with (0x0564). A message framefrom a separate protocol (PROTX) begins with (0x05). Therefore, if thefirst protocol identifier module were associated with PROTX protocol andthe second protocol identifier module were associated with a DNPprotocol, an error may occur. More specifically, if (0x05) is received,the first protocol identifier module would “claim” the message even ifthe second character received is (0x64). Therefore, it would bepreferable to associate the more complex DNP protocol with the firstprotocol identifier and the simpler PROTX protocol with the secondprotocol identifier.

In yet another embodiment, each message may further be time-stampedbased on a timer (not shown). Furthermore, a portion of the data messagemay be time-stamped. For example, the individual frames or even theindividual octets may be time-stamped. In another example, a time delaybetween the communication of messages may be determined using a timestamp of the data message.

In such an arrangement, protocol identifier module may be adapted toidentify the protocol based on a time-stamp associated therewith. Thistime-stamp may facilitate the distinguishing between different messagingprotocols. Various protocols have a timing element associated with itsarrangement or sequence (e.g., a period of dead time wherein eithermessage data is not transmitted or there is no data within the messagedata). A timer and time-stamp, as described above, may be used todetermine this timing element.

The present invention embodiments may be adapted to evaluate messagingprotocol including the timing element within its sequence. If the timingelement is in accordance with the select messaging protocol, the messageis transmitted to the claim control module as described above. If thetiming element is not in accordance with the select messaging protocol,the protocol identifier module is adapted to signal the next protocolidentifier module to evaluate the message.

In yet another embodiment, it is contemplated that each of theseprotocol identifier modules 22 a, 22 b . . . 22 n may be used toidentify the protocol of the messages concurrently. As described above,message data in data buffer 20 are accessible to each of the protocolidentifier modules 22 a, 22 b . . . 22 n. Accordingly, each of theprotocol identifier modules 22 b . . . 22 n may be adapted such that itdoes not need a signal from another protocol identifier module in orderto begin the identification process.

Referring back to FIGS. 2 and 3, after the messaging protocols areidentified by protocol identifier modules 22 a, 22 b . . . 22 n,messages are transmitted to claim control module 24 for furtherprocessing. The claim control module 24 provides data to the associatedIED in order to identify or otherwise label the protocol of the messagetransmitted thereto.

For example, as shown herein, Claim_som as shown in FIG. 2 may be usedto signify the first section of the portion of the message that has beenclaimed (e.g., the first octet of the portion of the message). Claim_eommay be used to signify the last section of the portion of the messagethat has been claimed (e.g., the last octet of the portion of themessage). Claim_to_eom may be used to signify the end of a claimedportion of the message due to a time delay (based on an associated timestamp) during which portions of the claimed message are not received.Claim_owner may be used to signify the protocol of the identified frame.

In yet another embodiment, the present invention embodiments of FIGS. 1and 2 may further be adapted to determine whether to communicate amessage to the associated network device. For example, it may bedesirable for SCADA server 6 to send messages using various differentprotocols to each of the IEDs 8 a, 8 b or 8 n. For example, it may bedesirable for SCADA server 6 to send DNP protocol and MODBUS protocolmessages to IED 8 a. It may be desirable for SCADA server 6 to send onlyDNP protocol messages to IED 8 b. It may be desirable for SCADA server 6to send only MODBUS protocol messages to IED 8 n. In another example, itmay be desirable for SCADA server 6 to send some messages using anencrypted protocol, whereas others messages are not encrypted. Forexample, it may by desirable for SCADA server 6 to send messages usingan encryption protocol to IED 8 a.

Accordingly, based on whether the protocol identifier modules “like”,“dislike” or otherwise “claim” the message, the protocol evaluationapparatuses may serve as filters for messages communicated or notcommunicated to the associated network device. For example, protocolevaluation apparatuses 10 a, 10 b . . . 10 n may be adapted to transmitany messages that are “claimed” or “liked” to the associated IEDs 8 a, 8b . . . 8 n respectively, whereas any messages that are “disliked” arenot transmitted to the respective IED 8 a, 8 b . . . 8 n. In this way,the proper messages via the protocols associated therewith are analyzedand filtered such that they may be properly transmitted to theappropriate network device.

It is important to note that the present invention is adapted toaccommodate a number of different protocols, some of which have specificcharacter sequences, timing elements or a combination thereof. For theelectric power system industry, such protocols include, but are notlimited to, HAYES, SMI, DNP, AGA, SEL, DDF, UPP, MODBUS, IEC-60870,IEC-61850, PROFIBUS and other similar protocols. Examples ofimplementation of some of the protocols which may be used in accordancewith the present invention system and device are described below.

EXAMPLE 1 HAYES and SMI Messaging Protocols

As illustrated in FIGS. 4 and 5, the sequences of a HAYES (a modemmessaging protocol architecture) and Secure Mode Initialization (SMI)messaging protocol includes three messaging characters situated betweentwo timing elements. These two timing elements are a period of dead timewherein message data is not transmitted. Accordingly, these timingelements may be generally referred to as “Deadtime”.

For the HAYES messaging protocol, the first timing element 40 is definedby the amount of time the protocol evaluation apparatus is idle afterreceiving the last frame of data. The protocol then includes three HAYEScharacters 42. The second timing element 44 is defined by the amount oftime after the last octet of the last frame of data has been received.The two timing elements 40, 44 are further each defined by Deadtimeseconds specific to the HAYES messaging protocol.

For the SMI messaging protocol, the first timing element 50 is definedby the amount of time the protocol evaluation apparatus is idle afterreceiving the last frame of data. The protocol then includes three SMIcharacters 52. The second timing element 54 is defined by the amount oftime after the last octet of the last frame of data has been received.The two timing elements 50, 54 are each further defined by Deadtimeseconds specific to the SMI messaging protocol.

The present invention embodiments may be adapted to evaluate either aHAYES or SMI messaging protocol. More specifically, the timing elementsmay be determined by the time stamp as described above. Moreover, thesequence of the messaging protocol may be determined by associating theHAYES or SMI protocol with a protocol identifier module.

If each timing element and frame is in accordance with the HAYES or SMIprotocol, the message is transmitted to the claim control module asdescribed above. If any of the timing elements or frames is not inaccordance with the HAYES or SMI protocol, the protocol identifiermodule is adapted to signal the next protocol identifier module toevaluate the message.

In the claim control module, Claim_som as shown may be used to signifythe first octet of the frame that has been claimed. Claim_eom may beused to signify the last octet of the frame that has been claimed.Claim_to_eom may be used to signify the end of a claimed frame due to anappropriate dead time (based on an associated time stamp). Claim_ownermay be used to signify the protocol of the identified frame.

In another embodiment, the proper HAYES or SMI messages via theirspecific protocols associated therewith are analyzed and filtered suchthat they may be properly transmitted to the appropriate IED.

EXAMPLE 2 DNP Messaging Protocol

As illustrated in FIG. 6, the sequence of a DNP messaging protocolincludes the following portions: a beginning identifier 60 of themessaging protocol, the length 61 of the message, control portion 62 foridentifying the function of the message, destination 63 of the message,source 64 of the message, cyclic redundancy check (CRC) 65, and the data66.

The present invention embodiments may be adapted to evaluate the DNPmessaging protocol. More specifically, the sequence of the messagingprotocol may be determined by associating the DNP protocol with aprotocol identifier module. Since the beginning identifier 60 providesfor an identification means for the message, a protocol identifiermodule of the present invention may be adapted to analyze only thisportion of the message.

For example, if the beginning identifier 60 is in accordance with atypical DNP protocol (e.g., containing 0x0564), the message istransmitted to the claim control module as described above. If any ofthe beginning identifier 60 is not in accordance with the DNP protocol,the protocol identifier module is adapted to signal the next protocolidentifier module to evaluate the message.

In the claim control module, Claim_som as shown may be used to signifythe first octet of the frame that has been claimed. Claim_eom may beused to signify the last octet of the frame that has been claimed.Claim_to_eom may be used to signify the end of a claimed frame due to anappropriate dead time (based on an associated time stamp). Claim_ownermay be used to signify the protocol of the identified frame.

In another embodiment, proper DNP messages via the specific DNP protocolassociated therewith are analyzed and filtered such that they may beproperly transmitted to the appropriate IED.

The present invention may further be adapted to evaluate the remainderof the message as shown in FIG. 7. In this arrangement, provided is aframe start identifier 70, a cyclic redundancy check (CRC) calculator72, a frame length calculator 74 and a DNP State Machine 76.

The frame start identifier 70 functions like the protocol identifiermodule of FIG. 2. More specifically, the frame start identifier 70monitors the data buffer (not shown) to determine whether the beginningidentifier portion of the message is in accordance with a typical DNPprotocol (e.g., containing 0x0564) as described above. If it is, themessage is transmitted to the claim control module as described above.If not, the frame start identifier 70 is adapted to signal another nextprotocol identifier module or frame start identifier (not shown) toevaluate the message.

A CRC calculator 72 may be provided in order to detect errors in themessage. A frame length calculator 74 may further be provided todetermine the overall length of the frame. The DNP State Machine 76 mayfunction like the claim control module except with the addedfunctionality of processing the data from CRC calculator 72 and framelength calculator 74.

EXAMPLE 3 AGA and SEL Messaging Protocols

As illustrated in FIGS. 8 and 9, the sequences of an AGA and SELmessaging protocol include messaging protocol signifiers before andafter the data.

For the AGA messaging protocol, the first messaging protocol identifieris a 2-octet data delimiter (AGA_ESC AGA_SOM) 80. The next portion isdata 82. The second messaging protocol identifier is also a 2-octet datadelimiter (AGA_ESC AGA_EOM) 84.

For the SEL messaging protocol, the first messaging protocol identifieris a 1-octet data delimiter (SEL_SOM) 90. The next portion is data 92.The second messaging protocol identifier for the SEL messaging protocolis also a 1-octet data delimiter (SEL_EOM) 94.

The present invention embodiments as described with respect to FIGS. 1and 2 may be adapted to evaluate either an AGA or SEL messagingprotocol. More specifically, the sequence of the messaging protocol maybe determined by associating the AGA or SEL protocol with a protocolidentifier module.

If the first and second messaging protocol identifier is in accordancewith the AGA or SEL protocol, the message is transmitted to the claimcontrol module as described above. If any of the frames of either thefirst or second messaging protocol identifier is not in accordance withthe AGA or SEL protocol, the protocol identifier module is adapted tosignal the next protocol identifier module to evaluate the message.

In another embodiment, the proper AGA or SEL messages via their specificprotocols associated therewith are analyzed and filtered such that theymay be properly transmitted to the appropriate IED.

EXAMPLE 4 DDF and UPP Messaging Protocols

Delay Delimited Format (DDF) messaging protocols are associated with aspecific time element. Using the timer as described above, the timingelement is a period of dead time wherein either message data is eithernot transmitted or there is no data within the message data.

The present invention embodiments may be adapted to evaluate a DDFmessaging protocol. More specifically, the timing elements may bedetermined by the time stamp as described above. If each timing elementis in accordance with the DDF protocol, the message is transmitted tothe claim control module as described above. If the timing element isnot in accordance with the DDF protocol, the protocol identifier moduleis adapted to signal the next protocol identifier module to evaluate themessage.

In another embodiment, the proper DDF messages via the specific timingelements associated therewith are analyzed and filtered such that theymay be properly transmitted to the appropriate IED.

EXAMPLE 5 Unstructured Messaging Protocols

Unstructured messaging protocols do not have a specific sequenceassociated therewith. Unstructured messaging protocols are sometimesreferred to as Unstructured Point to Point (UPP) messaging protocols.Accordingly, such messaging protocols may be defined by a timing elementlike the DDF messaging protocol as discussed above or otherwise themaximum number of characters in the message. As such, if theunstructured messaging protocol is based on a specific maximum number ofcharacters, a protocol identifier module may be adapted to determine thenumber of characters associated with the specific unstructured messagingprotocol. If the number of characters is in accordance with theparticular unstructured messaging protocol, the message is transmittedto the claim control module as described above. If the number ofcharacters is not in accordance with the particular unstructuredmessaging protocol, the protocol identifier module is adapted to signalthe next protocol identifier module to evaluate the message.

In accordance with the teachings of the present invention and examples1-4 described herein, it is to be noted that any of the above examplesmay be implemented into a system for evaluating HAYES, SMI, DNP, AGA,SEL, DDF, and/or UPP messaging protocols, individually or in anycombination thereof. An example of a system for analyzing all of theseprotocols in one system is illustrated in FIG. 10.

While this invention has been described with reference to certainillustrative aspects, it will be understood that this description shallnot be construed in a limiting sense. Rather, various changes andmodifications can be made to the illustrative embodiments withoutdeparting from the true spirit, central characteristics and scope of theinvention, including those combinations of features that areindividually disclosed or claimed herein. Furthermore, it will beappreciated that any such changes and modifications will be recognizedby those skilled in the art as an equivalent to one or more elements ofthe following claims, and shall be covered by such claims to the fullestextent permitted by law.

1. A system for evaluating a message on a single network, said networkincluding a plurality of network devices communicating messages usingvarious different protocols, wherein a portion of each message includesa specific sequence, the system comprising: a protocol evaluationapparatus including a first protocol identifier module associated with aspecific messaging protocol and a second protocol identifier moduleassociated with another specific messaging protocol, said first protocolidentifier module adapted to evaluate a sequence of a portion of amessage on the network, wherein if the sequence of the portion of themessage on the network is not in accordance with the specific messagingprotocol of the first protocol identifier module, the second protocolidentifier module evaluates the portion of the message, and a networkdevice coupled to the protocol evaluation apparatus, wherein saidprotocol evaluation apparatus is adapted to transmit the message to thenetwork device if the sequence of a portion of the message is inaccordance with the specific messaging protocol associated with eitherthe first or second protocol identifier module.
 2. The system of claim1, wherein the portion of the message is at least an octet of data. 3.The system of claim 1, wherein the portion of the message is a frame andthe protocol identifier module evaluates the portion of the message on aframe-by-frame basis.
 4. The system of claim 1, wherein the protocolevaluation apparatus further includes a data buffer for storing portionsof messages to be evaluated.
 5. The system of claim 1, wherein theprotocol evaluation apparatus further includes a timer.
 6. The system ofclaim 5, wherein the portion of the message includes a time elementassociated with the sequence associated therewith, and wherein saidprotocol evaluation apparatus transmits the message to the networkdevice if the sequence of the portion of the message including the timeelement is in accordance with the specific messaging protocol associatedwith either the first or second protocol identifier module.
 7. Thesystem of claim 1, wherein the protocol evaluation apparatus is adaptedto claim portions of the message and further comprises a claim controlmodule adapted to provide select sections of the portion of the messagethat has been claimed.
 8. The system of claim 7, wherein the claimcontrol module is adapted to provide the first section of the portion ofthe message that has been claimed.
 9. The system of claim 7, wherein theclaim control module is adapted to provide the entire the portion of themessage that has been claimed.
 10. The system of claim 6, wherein theprotocol evaluation apparatus further comprises a claim control module,said claim control module adapted to provide the end of a claimedportion of the message due to a time delay during which portions of theclaimed message are not received.
 11. The system of claim 1, wherein thespecific messaging protocol is associated with a specific encryptionprotocol.
 12. The system of claim 1, wherein the specific messagingprotocol is associated with a messaging protocol used in an electricpower system.
 13. The system of claim 12, wherein the specific messagingprotocol is selected from the group consisting of HAYES, SMI, DNP, AGA,SEL, DDF, MODBUS, IEC-61850, IEC-60870, PROFIBUS, and unstructuredmessaging protocols.
 14. The system of claim 1, wherein the network isselected from a group consisting of a local area network, a wide areanetwork, and a SCADA system.
 15. The system of claim 1, wherein theprotocol evaluation apparatus is part of the network device.
 16. Thesystem of claim 1, wherein the specific messaging protocol associatedwith the first protocol identifier is more complex than the specificmessaging protocol associated with the second protocol identifier. 17.The system of claim 1, wherein the specific messaging protocolassociated with the first protocol identifier has higher priority thanthe specific messaging protocol associated with the second protocolidentifier.
 18. An apparatus for evaluating a message on a singlenetwork, said network including a plurality of devices communicatingmessages using various different protocols, wherein a portion of eachmessage includes a specific sequence, the apparatus associated with oneof the network devices and comprising: a first protocol identifiermodule associated with a specific messaging protocol, said firstprotocol identifier module adapted to evaluate a sequence of a portionof a message on the network, and a second protocol identifier moduleassociated with another specific messaging protocol, wherein if thesequence of the portion of the message on the network is not inaccordance with the specific messaging protocol of the first protocolidentifier module, the second protocol identifier module evaluates theportion of the message.
 19. The apparatus of claim 18, wherein theapparatus is adapted to transmit the message to the associated networkdevice if the sequence of the portion of the message is in accordancewith either of the specific messaging protocol associated with either ofthe protocol identifier modules.
 20. The apparatus of claim 18, whereinthe specific messaging protocol associated with the first protocolidentifier is more complex than the specific messaging protocolassociated with the second protocol identifier.
 21. The apparatus ofclaim 18, wherein the specific messaging protocol associated with thefirst protocol identifier has higher priority than the specificmessaging protocol associated with the second protocol identifier. 22.The apparatus of claim 18, wherein the portion of the message is atleast an octet of data.
 23. The apparatus of claim 18, wherein theportion of the message is a frame and wherein each protocol identifiermodule evaluates the portion of the message on a frame-by-frame basis.24. The apparatus of claim 18, further comprising a data buffer forstoring a number of messages to be evaluated.
 25. The apparatus of claim18, further comprising a timer.
 26. The apparatus of claim 25, whereinthe portion of the message includes a time element associated with thesequence associated therewith.
 27. The apparatus of claim 18, furthercomprising a claim control module and adapted to claim portions of themessage, said claim control module adapted to provide select sections ofthe portion of the message that has been claimed.
 28. The apparatus ofclaim 27, wherein the claim control module is adapted to provide thefirst section of the portion of the message that has been claimed. 29.The apparatus of claim 27, wherein the claim control module is adaptedto provide the entire the portion of the message that has been claimed.30. The apparatus of claim 26, further comprising a claim controlmodule, said claim control module adapted to provide the end of aclaimed portion of the message due to a time delay during which portionsof the claimed message are not received.
 31. The apparatus of claim 18,wherein one of the specific messaging protocols is associated with aspecific encryption protocol.
 32. The apparatus of claim 18, wherein thespecific messaging protocols are associated with a messaging protocolused in an electric power system.
 33. The apparatus of claim 18, whereinthe specific messaging protocols are selected from the group consistingof HAYES, SMI, DNP, AGA, SEL, DDF, MODBUS, IEC-60870, IEC-61850,PROFIBUS, and unstructured messaging protocols.
 34. The apparatus ofclaim 18, wherein the network is selected from a group consisting of alocal area network, a wide area network, and a SCADA system.
 35. Theapparatus of claim 18, wherein the evaluation apparatus is part of thenetwork device.
 36. A method for evaluating a message on a singlenetwork, said network including a plurality of devices communicatingmessages using various different protocols, wherein a portion of eachmessage includes a specific sequence, the method including the steps of:evaluating a sequence of a portion of a message on the network todetermine whether the portion of the message is in accordance with asequence of a specific messaging protocol, and if the sequence of theportion of the message on the network is not in accordance with thespecific messaging protocol, evaluating the portion of the message todetermine whether the portion of the message is associated with asequence of another specific messaging protocol.
 37. The method of claim36, further including the step of transmitting the message to theassociated network device if the sequence of the portion of the messageis in accordance with either of the specific messaging protocols. 38.The method of claim 36, wherein the portion of the message is evaluatedto determine whether the portion of the message is associated with amore complex messaging protocol before evaluating whether the portion ofthe message is associated with a less complex messaging protocol. 39.The method of claim 36, wherein the portion of the message is evaluatedto determine whether the portion of the message is associated with amessaging protocol having a higher priority before evaluating whetherthe portion of the message is associated with a messaging protocolhaving a lower priority.
 40. The method of claim 36, wherein the portionof the message is evaluated on a frame-by-frame basis.
 41. The method ofclaim 36, wherein the portion of the message includes a time elementassociated with the sequence associated therewith.
 42. The method ofclaim 36, wherein one of the specific messaging protocols is associatedwith a specific encryption protocol.
 43. The method of claim 36, whereinthe specific messaging protocols are associated with a messagingprotocol used in an electric power system.
 44. The method of claim 36,wherein the specific messaging protocols are selected from the groupconsisting of HAYES, SMI, DNP, AGA, SEL, DDF, MODBUS, IEC-60870,IEC-61850, PROFIBUS, and unstructured messaging protocols.